Pavel Březina <pbrezina(a)redhat.com> writes:
On 2/21/20 7:26 PM, Robbie Harwood wrote:
> Sumit Bose <sbose(a)redhat.com> writes:
>
>> So if GOA team agrees with the needed changes on the GOA side the
>> file/inotify solution might be better.
>
> CCing some GOA folks. I believe their preference was for the inotify
> approach.
>
> Moreover, I'd like to provide a consistent interface to all of the
> ccaches from krb5. I'm not going to be able to do that if dbus
> becomes involved (for a variety of reasons).
Is there some kerberos api that can be used to register client for
notifications?
No, the idea would be to add one. For the most part, we can move the
GOA logic into krb5 so long as it's suitable. Ray and I had discussed a
possible interface in
https://projects.engineering.redhat.com/browse/IDMAFS-1
This is not a definite thing, though - it's possible that only GOA wants
this functionality and it's not worth adding a krb5 API for.
Thanks,
--Robbie